summaryrefslogtreecommitdiffstats
path: root/tests/data/regressions/its9400/slapd-proxy-idassert.conf
diff options
context:
space:
mode:
Diffstat (limited to 'tests/data/regressions/its9400/slapd-proxy-idassert.conf')
-rw-r--r--tests/data/regressions/its9400/slapd-proxy-idassert.conf52
1 files changed, 52 insertions, 0 deletions
diff --git a/tests/data/regressions/its9400/slapd-proxy-idassert.conf b/tests/data/regressions/its9400/slapd-proxy-idassert.conf
new file mode 100644
index 0000000..2f2750b
--- /dev/null
+++ b/tests/data/regressions/its9400/slapd-proxy-idassert.conf
@@ -0,0 +1,52 @@
+# provider slapd config -- for testing
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 1998-2022 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+
+include @SCHEMADIR@/core.schema
+include @SCHEMADIR@/cosine.schema
+include @SCHEMADIR@/inetorgperson.schema
+include @SCHEMADIR@/openldap.schema
+include @SCHEMADIR@/nis.schema
+pidfile @TESTDIR@/slapd.m.pid
+argsfile @TESTDIR@/slapd.m.args
+
+#######################################################################
+# database definitions
+#######################################################################
+
+#mod#modulepath ../servers/slapd/back-@BACKEND@/:../servers/slapd/overlays
+#mod#moduleload back_@BACKEND@.la
+#ldapmod#modulepath ../servers/slapd/back-ldap/
+#ldapmod#moduleload back_ldap.la
+#monitormod#modulepath ../servers/slapd/back-monitor/
+#monitormod#moduleload back_monitor.la
+
+# here the proxy is not only acting as a proxy, but it also has a local database dc=local,dc=com"
+database @BACKEND@
+suffix "dc=local,dc=com"
+rootdn "cn=Manager,dc=local,dc=com"
+rootpw "secret"
+#~null~#directory @TESTDIR@/db.2.a
+
+# Configure proxy
+# - normal user binds to "*,dc=example,dc=com" are proxied through to the remote slapd
+# - admin bind to local "cn=Manager,dc=local,dc=com" is overwritten by using idassert-bind
+database ldap
+uri "@URI1@"
+suffix "dc=example,dc=com"
+idassert-bind bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials="secret"
+idassert-authzFrom "dn.exact:cn=Manager,dc=local,dc=com"
+rebind-as-user yes
+
+database monitor
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-22 11:30:21 +0000